We are using a FortiGate 100F with firmware 7.2.2.
Is there a way to reset the hit counts for specific SD-WAN rules?
After some searching in the guides and the forum I found info to reset the hit counts for the policy rules, but up until now no luck in resetting the hit counts for the SD-WAN rules.
Can some of the gurus here help me or point me in the right direction?
Thanks in advance.
Hi @ICT_Putte ,
Welcome to the community.
Can you please try 'diag firewall proute list' and then clear hit_count using the policy route ID from 'proute list'?
Hi @ICT_Putte ,
Here are the steps:
1. Run the command 'diag firewall proute list'
2. Look for the relevant sdwan rule:
id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=179316 last_used=2022-10-20 13:04:57
3. Run the following command:
2130706435 is the id for this sdwan rule
diagnose firewall proute clear 2130706435
4. Result:
id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=0 last_used=2022-10-20 13:05:58
Hope this helps.
Thank you.
Shahan
Thanks for the info. With it I managed to clear the hit count.
I noticed some strange behaviour though (maybe a bug in the firmware version I'm using?):
When I used the command with a specific id of an sdwan rule it didn't work.
'diag firewall proute clear <id number>' didn't give an error but it also didn't clean the hit count.
If I gave the same command without the id number it cleared all the hit counts of all the rules (as expected).
The firmware I'm using is v7.2.2 build 1255.
With kind regards.
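
The list, clear and re-check steps from the replies above, as an added example that is not part of the original thread and is not Fortinet code: a Python script that parses saved 'diag firewall proute list' output, builds the clear command for one SD-WAN rule selected by name, and compares a before and after snapshot to show whether only that rule's counter was reset. The sample text is constructed in the format quoted above (the second rule "voice" is made up), and the function names are hypothetical.

```python
import re

# Constructed sample in the format quoted in the thread (not captured from a device).
BEFORE = """\
id=2130706435(0x7f000003) vwl_service=3(test)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=179316 last_used=2022-10-20 13:04:57
id=2130706436(0x7f000004) vwl_service=4(voice)
source(1): 0.0.0.0-255.255.255.255
destination(1): 0.0.0.0-255.255.255.255
hit_count=42 last_used=2022-10-20 13:04:50
"""
AFTER = BEFORE.replace("hit_count=179316", "hit_count=0")  # constructed "after" snapshot

ID_RE = re.compile(r"^id=(\d+)")
SVC_RE = re.compile(r"vwl_service=\d+\(([^)]*)\)")
HIT_RE = re.compile(r"hit_count=(\d+)")

def parse_proute(text):
    """Map each route id to its SD-WAN service name (None if absent) and hit count."""
    rules, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        m = ID_RE.match(line)
        if m:  # a new entry starts at every "id=" line
            cur = int(m.group(1))
            svc = SVC_RE.search(line)
            rules[cur] = {"service": svc.group(1) if svc else None, "hits": None}
        h = HIT_RE.search(line)
        if h and cur is not None:
            rules[cur]["hits"] = int(h.group(1))
    return rules

def clear_command(rules, service):
    """Build the per-rule clear command for one SD-WAN rule, selected by name."""
    ids = [i for i, r in rules.items() if r["service"] == service]
    if len(ids) != 1:
        raise LookupError(f"expected one entry for {service!r}, found {len(ids)}")
    return f"diagnose firewall proute clear {ids[0]}"

def verify_clear(before, after, target):
    """Return (target_reset, other_ids_reset); a counter that went down was reset."""
    dropped = {i for i in before if i in after
               and None not in (before[i]["hits"], after[i]["hits"])
               and after[i]["hits"] < before[i]["hits"]}
    return target in dropped, sorted(dropped - {target})

if __name__ == "__main__":
    b, a = parse_proute(BEFORE), parse_proute(AFTER)
    print(clear_command(b, "test"), verify_clear(b, a, 2130706435))
```

A result of (False, []) means the per-id clear changed nothing, and a non-empty second element means counters other than the target were reset as well.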